Your message dated Sat, 30 May 2015 17:47:17 +0000 with message-id <e1yykqr-0003kt...@franck.debian.org> and subject line Bug#783601: fixed in libinfinity 0.6.6-1~deb8u1 has caused the Debian Bug report #783601, regarding gobby silently accepts expired certificates to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 783601: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783601 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: gobby Version: 0.5.0-4 Severity: serious X-Debbugs-Cc: intrig...@boum.org Dear Maintainer, At the moment the certificate of gobby.debian.net is expired (reported separately as Bug#783599) but Jessie's gobby happily establishes a full connection to it without any warning. This is a regression since Wheezy, since it's not the case in gobby-0.5 (version 0.4.94-5), which shows a warning stating that the certificate has expired with the option to accept it any way. It's strange (and perhaps relevant), but if one configures an empty file as the "Trusted CAs" file in Jessie's gobby's security options, *then* it lists the connection with a "certificate expired" error next to it in the Document Browser pane. However, no prompt is shown, so it's not possible to manually accept the expired certificate. Cheers! -- System Information: Debian Release: 8.0 APT prefers stable APT policy: (990, 'stable'), (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages gobby depends on: ii dpkg 1.17.25 ii libatk1.0-0 2.14.0-1 ii libatkmm-1.6-1 2.22.7-2.1 ii libc6 2.19-18 ii libcairo-gobject2 1.14.0-2.1 ii libcairo2 1.14.0-2.1 ii libcairomm-1.0-1 1.10.0-1.1 ii libgcc1 1:4.9.2-10 ii libgdk-pixbuf2.0-0 2.31.1-2+b1 ii libglib2.0-0 2.42.1-1 ii libglibmm-2.4-1c2a 2.42.0-1 ii libgnutls-deb0-28 3.3.8-6 ii libgsasl7 1.8.0-6 ii libgtk-3-0 3.14.5-1 ii libgtkmm-3.0-1 3.14.0-1 ii libgtksourceview-3.0-1 3.14.1-1 ii libinfgtk3-0.6-0 0.6.5-1 ii libinfinity-0.6-0 0.6.5-1 ii libpango-1.0-0 1.36.8-3 ii libpangocairo-1.0-0 1.36.8-3 ii libpangomm-1.4-1 2.34.0-1.1 ii libsigc++-2.0-0c2a 2.4.0-1 ii libstdc++6 4.9.2-10 ii libunique-3.0-0 3.0.2-2 ii libxml++2.6-2 2.36.0-2.1 ii libxml2 2.9.1+dfsg1-5
signature.asc
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---Source: libinfinity Source-Version: 0.6.6-1~deb8u1 We believe that the bug you reported is fixed in the latest version of libinfinity, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 783...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Philipp Kern <pk...@debian.org> (supplier of updated libinfinity package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Fri, 29 May 2015 23:39:33 +0200 Source: libinfinity Binary: libinfinity-0.6-dev libinfinity-0.6-doc libinfinity-0.6-dbg libinfinity-0.6-0 libinfgtk3-0.6-0 infinoted Architecture: source amd64 all Version: 0.6.6-1~deb8u1 Distribution: jessie Urgency: medium Maintainer: Philipp Kern <pk...@debian.org> Changed-By: Philipp Kern <pk...@debian.org> Description: infinoted - dedicated server for infinote-based collaborative editing libinfgtk3-0.6-0 - infinote-based collaborative editing (Gtk widgets) libinfinity-0.6-0 - infinote-based collaborative editing libinfinity-0.6-dbg - infinote-based collaborative editing - debugging symbols libinfinity-0.6-dev - infinote-based collaborative editing - development files libinfinity-0.6-doc - infinote-based collaborative editing - documentation Closes: 783601 Changes: libinfinity (0.6.6-1~deb8u1) jessie; urgency=medium . * New upstream bugfix release - Check certificates for expiration and weak algorithms even if the CA is trusted. (Closes: #783601) - Fix cursor processing and a crash in the client code. Checksums-Sha1: 34deefac2f4032f697d76e12fb02df28b43b1394 1923 libinfinity_0.6.6-1~deb8u1.dsc 8ead3b1cc307f7614f5bd01c63b6b83d18f9d18c 1987142 libinfinity_0.6.6.orig.tar.gz c771cea104d8b73b9d711ae51f9b24a8aff523ac 12556 libinfinity_0.6.6-1~deb8u1.debian.tar.xz 2873563667529d3b596909bc34acdb21f8dec899 611640 libinfinity-0.6-dev_0.6.6-1~deb8u1_amd64.deb b4e8345ef8913f6b642ab860034ddc0bbaa30a20 372518 libinfinity-0.6-doc_0.6.6-1~deb8u1_all.deb f17d7278765c2b52e7799c2ce2b7920682c28b63 1622680 libinfinity-0.6-dbg_0.6.6-1~deb8u1_amd64.deb 9e4bf78f13ec35dbfc30134e296e67539ca0ec70 412286 libinfinity-0.6-0_0.6.6-1~deb8u1_amd64.deb 2e1f2437d2877463cfd6300159a7d26f2b2c6f31 218140 libinfgtk3-0.6-0_0.6.6-1~deb8u1_amd64.deb 424824203ae66b9ab949dee683e2b871c232b86b 184588 infinoted_0.6.6-1~deb8u1_amd64.deb Checksums-Sha256: d73053948950b05adeb63aa9927119fa71b87cdd51519410e4d61467533bd4ff 1923 libinfinity_0.6.6-1~deb8u1.dsc 3df9397b52d61392cbe98084aada9b7362a34811ef21baa0db87fdfd754f92cc 1987142 libinfinity_0.6.6.orig.tar.gz 19b748509a2cda37b33d939f7d39b285be37c99a4fe1832eefc996e46d2246c4 12556 libinfinity_0.6.6-1~deb8u1.debian.tar.xz ed0bfdd0f5b2101ef3e32de278ed6d1974aa6e7995c04f3775ba63dd9f72f057 611640 libinfinity-0.6-dev_0.6.6-1~deb8u1_amd64.deb 082bcaea2c9c9dbf48d7c6d6e271b41cfcf0d25e63b347c4c80c2437e77c8709 372518 libinfinity-0.6-doc_0.6.6-1~deb8u1_all.deb f11efa207e5ff547cadf082a0ab2ae75ba4698d805ae44178aedcf3c6bb91d92 1622680 libinfinity-0.6-dbg_0.6.6-1~deb8u1_amd64.deb c9f59df0e6f8cbf508d22cb4cab9150eebc370b29d9551cf9de9ba4079b363bf 412286 libinfinity-0.6-0_0.6.6-1~deb8u1_amd64.deb 8a154261fdb11ef1a0ae5bcf6c32025877aafb2ea185b2a7e4df305944fb2872 218140 libinfgtk3-0.6-0_0.6.6-1~deb8u1_amd64.deb 1c2cc2d1b8442ce95b31365326ea5d1701aa9bce7e1ecddcca7c3162ffa8b18c 184588 infinoted_0.6.6-1~deb8u1_amd64.deb Files: 6091e0d3699b8249370d126a3ae10391 1923 libs optional libinfinity_0.6.6-1~deb8u1.dsc c65f9f13f17afb4db2ec8cfaf5f01ce5 1987142 libs optional libinfinity_0.6.6.orig.tar.gz b48fc1766fbb184cca677b3c011c7c63 12556 libs optional libinfinity_0.6.6-1~deb8u1.debian.tar.xz 303fa29a9a879696c6d924d4ca39232f 611640 libdevel optional libinfinity-0.6-dev_0.6.6-1~deb8u1_amd64.deb b9d1b3b9b96b3f93daf9e50c0212388b 372518 doc optional libinfinity-0.6-doc_0.6.6-1~deb8u1_all.deb 360b5dccc17309a772e96327654459e6 1622680 debug extra libinfinity-0.6-dbg_0.6.6-1~deb8u1_amd64.deb cf7bec7def360ea56dbe67377bcefa93 412286 libs optional libinfinity-0.6-0_0.6.6-1~deb8u1_amd64.deb 80d2244697ca5b86a6fc9d1443cef2e5 218140 libs optional libinfgtk3-0.6-0_0.6.6-1~deb8u1_amd64.deb b21e6cb43b4b7861d32ef823559dbab1 184588 net optional infinoted_0.6.6-1~deb8u1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBCAAGBQJVaN69AAoJEERuJUU10Fbsad8H+gImBJVugBbISEck7VITUqzx ZKIHEXunbgyA7Jxej9aTb4UDo/Tj9PzhuTXqN5Uom9pSFbejc1zCPhbiapk2l4sN 8DpezvAw8Efvdu/+n+nbDDezsPUrA18m7H5j5i6zUhvKkALl6UeAbpwNDntmWKfd W1P+HEy9a4f/fo7roYvgFfOTMouVk9ia+U+z9RPn/+HHtn2+yhgOMcZbbNlHjES2 18P7/ySZVxmSTEzqnjKxV5J3Ni5kpJbP86O63CU663OgVgPhZ4tAHOGZAmcyHj5L MMDiH/NSv+ENi5eC1D3sv8F2bDt0GAVJD6Eh6Y4H8LgtlU3HZmj0CzU3pX7zKgI= =Ozzh -----END PGP SIGNATURE-----
--- End Message ---
